Skip to content

[AssetMapper] Fix JavaScript compiler load imports from JS strings #53652

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Feb 1, 2024
Merged

[AssetMapper] Fix JavaScript compiler load imports from JS strings #53652

merged 1 commit into from
Feb 1, 2024

Conversation

smnandre
Copy link
Member

Q A
Branch? 6.4
Bug fix? yes
New feature? no
Deprecations? no
Issues Fix #53608
License MIT

Add a check to ensure the import is not parsed from a JS string (e.g. console.log(...) in the issue)

@carsonbot
Copy link

Hey!

Thanks for your PR. You are targeting branch "7.1" but it seems your PR description refers to branch "6.4".
Could you update the PR description or change target branch? This helps core maintainers a lot.

Cheers!

Carsonbot

@carsonbot carsonbot added this to the 7.1 milestone Jan 27, 2024
@smnandre smnandre changed the base branch from 7.1 to 6.4 January 27, 2024 15:24
kaznovac
kaznovac reviewed Jan 28, 2024
View reviewed changes
src/Symfony/Component/AssetMapper/Compiler/JavaScriptImportPathCompiler.php Outdated
$lineStart = strrpos($fullContent, "\n", $offsetStart - \strlen($fullContent));
// Remove enclosed strings before the import
$lineContentBeforeImport = substr($fullContent, $lineStart, $offsetStart - $lineStart);
$lineWithoutStrings = preg_replace('/\'(?:[^\'\\\\]|\\\\.)*\'|"(?:[^"\\\\]|\\\\.)*"/', '', $lineContentBeforeImport);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

template literals (`) are quite common in modern js, and this syntax allows multiline strings making this check quite a challenge

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@kaznovac this PR fixes a bug with console log / deprecation / help messages (cf the original issue)

Handling multi-line strings/comments can reveal itself really complex, and probably would need there some concrete JS parser.

I must admit i doubt any library would use multi-line template comments in source code containing import instructions.. but if/when that happen we could handle it in a later PR ?

WDYT ?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

alternative implementation idea: we merge this regexp with the one that checks for imports.
Since regexp are greedy, this will make the filter in one go, with just a quick check at the start of the closure

This comment was marked as outdated.

Sign in to view

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@nicolas-grekas got it, and it seems to work perfectly ! Thank you :)

See https://regex101.com/r/qFoeoR/1

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@smnandre great work && sorry for the late answer

p.s. please note that this method can now be removed

@nicolas-grekas nicolas-grekas modified the milestones: 7.1, 6.4 Jan 30, 2024
@nicolas-grekas nicolas-grekas force-pushed the fix/javascript-compiler-ignore-enquoted branch from b8aa830 to d70e500 Compare February 1, 2024 08:26
@nicolas-grekas
Copy link
Member

Thank you @smnandre.

@nicolas-grekas nicolas-grekas merged commit 4fe7828 into symfony:6.4 Feb 1, 2024
nicolas-grekas added a commit to nicolas-grekas/symfony that referenced this pull request Feb 20, 2024
@nicolas-grekas
Revert "bug symfony#53652 [AssetMapper] Fix JavaScript compiler load …
0fe5dda 
…imports from JS strings (smnandre)"

This reverts commit 4fe7828, reversing
changes made to ad1563b.
@nicolas-grekas nicolas-grekas mentioned this pull request Feb 20, 2024
Closed
nicolas-grekas added a commit to nicolas-grekas/symfony that referenced this pull request Feb 20, 2024
@nicolas-grekas
Revert "bug symfony#53652 [AssetMapper] Fix JavaScript compiler load …
09d7d0c 
…imports from JS strings (smnandre)"

This reverts commit 4fe7828, reversing
changes made to ad1563b.
This was referenced Feb 27, 2024
Merged
Merged
@Chris53897 Chris53897 mentioned this pull request Feb 27, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kaznovac kaznovac kaznovac left review comments

@weaverryan weaverryan weaverryan approved these changes

@nicolas-grekas nicolas-grekas nicolas-grekas approved these changes

Assignees
No one assigned
Labels
AssetMapper Bug Status: Reviewed
Projects
None yet
Milestone
6.4
Development

Successfully merging this pull request may close these issues.

[AssetMapper] Wrong javascript import detection
5 participants
@smnandre @carsonbot @nicolas-grekas @weaverryan @kaznovac